Friday, January 16, 2009

Thought on malware spreading through known vulnerabilities

The BBC has an article today about the spreading of an Internet worm to millions of PC's (aka Conficker, Downadup, or Kido). Interesting enough, this vulnerability was addressed by Microsoft in MS08-067 on October 23, 2008. The BBC article then obviously states "users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch." What I found interesting was the estimated top locations of infections.

China 38,277
Brazil 34,814
Russia 24,526
India 16,497
Ukraine 14,767
Italy 13,115
Argentina 11,675
Korea 11,117
Romania 8,861
United States 3,958
United Kingdom 1,789

I wonder how this ranking compares to the total number of pirated/unsupported instances of the operating system running in each country, as in "not recognized as a 'Genuine' license to Microsoft and therefore unable to apply patches from Windows Update." I'm wondering if the spread of malware like this that targets personal PC's or office workstations would be significantly reduced if Microsoft either opened up their Windows Update service to non-verified owners, or changed their pricing to be more affordable for its worldwide users.

No comments: